I suspect this error can be because of user’s cookie removal. Sometimes users doesn’t provide cookies. So if you store session data in cookies you can’t get auth tokens which are saved before auth redirect.